How do I? - Page 207 - Burp Suite User Forum

How to get help with the labs

I am so very new to this material that I would like to ask a question during labs. How can I do that? Hostheader lab1 password reset email I dont get the forgot password in access logs. My thoughts are to play around with...

Update All Additional Requests with Parameters Matched from Final Macro Response

Scenario: All logged in requests require a CSRF token that is set on login. I am attempting to use the scanner to scan the application. I send a request to the active scanner that contains a valid CSRF token. Once the...

supports High Availability (HA)

Burp Suite Enterprise Edition supports High Availability (HA), Active Passive Service Level

Burp is not creating sitemap of the web applications that i want to scan

Hello, I am using burp suite professional 2020.9.2 with firefox 83.0. My proxy IP is localhost 127.0.0.1 and the port is 8080. Both burp and firefox are listening to the same IP and port.No matter what websites publicly...

Burp Pro

How do I download Burp Pro? I have my a license purchased from company tied to this account email address, but don't have it associated with my online account to initiate the download.

CORS vulnerability with basic origin reflection lab - Exploit Server Button not rendering.

Hi I have completed the "CORS vulnerability with basic origin reflection", however I want to try exploit it again, to better understand the vulnerability however the "Exploit Server" button will not render again after...

Email notification of scheduled scans?

How can I send an email when a scheduled scanned finishes?

HTTP request smuggling, obfuscating the TE header

Why it shows me bad requests in repeater response when i sent this request POST / HTTP/1.1 Host: my lab id Content-Type: application/x-www-form-urlencoded Content-length: 4 Transfer-Encoding:...

Burp Live Scan Payload Modification

I am running a live scan against a system and it comes back with OS Command Injection, and the payload used a sleep time of 20 seconds. I would like to increase the 20 seconds to around 1.5 minutes. I believe it comes back...

License Activation - OS Reinstallation

Hi Team, We installed Burp Suite on our systems and updated to the latest OS version, however, due to some issue had to reinstall an older version. After reinstalling BurpSuite and trying to activate, we get an error...

No more activation allowed for this license

No more activation allowed for this license... I changed my office desktop yesterday. Is there any way to activate the license? The desktop I used before was formatted.

Switch to another language

It is difficult for the novice

Blank lines in Requests

There are exercises, for example "URL-based access control can be circumvented" in the "Access Control" lab, where you add a custom header to your requests to complete them. The requests themselves when passed through Burp...

There is a problem during installation.

Hello There is a problem that the burpsuite_pro-trial version is downloaded and is not installed in progress of installation. My PC os is Windows 10. After clicking burpsuite_pro_window-x64_v20_4_1.exe, the installation...

Invalid client request received: Dropped request looping back to same Proxy listener.

I am not able to access any site with Burp open, not even HTTP (I have already configured the certificate). Every website I try to access appears with this Burp welcome message: https://i.imgur.com/zlDgpvD.png And...

About Web Security Academy

We have contacted you about the Web Security Academy available on the portal site. https://portswigger.net/web-security ① How often is this site updated? Also, if the latest threats appear, will the attack methods and...

Basic clickjacking with CSRF token protection

Is there a bug or something because the lab needs to login using given credentials and whenever i try to do that it logs me in the first time but if i reload or log out it wont let me login again and says invalid username...

Enable deprecated TLS Cipher Suites

I am doing a study on involving TLS and I need to add specific cipher suites that I don't see listed under the TLS Ciphers option. To clarify, I do the following: Project Options > TLS > Enable Custom protocols and ciphers....

Error message when using FoxyProxy

Hi everyone! Hopefully someone more skilled than me can help with the error message I get saying: " Secure Connection Failed An error occurred during a connection to www.google.se. Peer’s certificate has an invalid...

all the website url changed to this url

when i use the Burp proxy and check the website at burp the website URL changed to one of the following URLs for ex : I use www.google.com as the browser and Host: ocsp.digicert.com Host:...